Enterprises across the globe have been asking for simpler ways to provide multi-site Business Continuity and Workload Mobility for applications hosted in their Private Cloud. The Cloud promises a more agile operational environment and that promise has been fulfilled to a large extent within their data centers. But many Enterprises are challenged to unlock this same agility across multi-site Cloud topologies. For example, Enterprise CTOs and CIOs have asked us directly to provide simplified Workload Mobility of critical apps between sites to give their operations teams more flexibility.

Many competitive solutions offer basic VM mobility between sites and storage replication, but do not address the rest of the application environment including: security, stateful services, network containers, tenancy, and most importantly both physical and virtual resources.

What good does it do to move a VM to a new site if the rest of the application environment is left behind, causing a potential security hole?

How to move a LIVE 3-tier app like Microsoft SharePoint to a new site (without impacting users)

As we all know, business critical applications require a robust service environment to operate securely across the cloud. In our example below, the application environment provides firewall and load balancing services for each tier of the SharePoint application: the web, app, and database tiers. These services are stitched together using a secure Network Container that carves out a slice of resources across the data center for SharePoint. Most Enterprises and SPs use a mix of physical and virtual resources including firewalls, load balancers, VPN termination, IDS, and network switching. Many of these services create stateful connections to users, so…

If you perform a live migration of SharePoint to a new site, stateful connections to firewalls and load balancers need to be preserved to maintain security and TCP connections to active users.

Broken user connections = Service disruption (that’s not good)

You must also provide identical security and services for new SharePoint users even though the application has moved to a new site.

Broken Network Services = Potential Security hole (that’s even worse)

How does Next-Gen Workload Mobility actually work?

Let’s share some test results from our new Business Continuity and Workload Mobility Solution to illustrate how we performed live SharePoint migrations to a new site (75 km away) while maintaining security, stateful services, and user connections. Oh yes, automatically without manual intervention.

We first deployed the SharePoint Web, App, and Database tiers in a secure network container in Data Center 1 using service orchestration, simple and easy. Refer to the figure below for a topology picture.

SharePoint Web Tier is in a Public Zone, and uses a virtual firewall (VSG) and Citrix load balancer

SharePoint App Tier and Database Tier (SQL) are in a Protected Zone and use an ASA Firewall and Citrix load balancer

We performed a Live vMotion of SharePoint (Web, App, Database) to new hosts in Data Center 2, described in the figure below. Data Center 2 is 75 km away. Our SharePoint migration had minimal disruption (2 seconds or less) and maintained security, stateful services, and all user connections across our multi-site Cloud. Pretty sweet! A few highlights from our validated design are provided below.

Our virtual switch (Nexus 1000v), virtual firewall (VSG), and UCS automatically updated Port and Security Profiles at the new site, so our virtual switching and application firewalls were preserved without lifting a finger.

Our Network Container was automatically extended between Metro sites, maintaining security, tenancy, QoS, IP addressing, and user connections. SharePoint was discovered on the new host in Data Center 2 within seconds, using this extended Network Container.

Now let’s move the rest of the network container to Data Center 2 in less than one second!

Step 2: Redirect users to a new Network Container in Data Center 2… in less than 1 second!

With the aid of service orchestration, we simply created a new network container in Data Center 2. This new container included the same configuration, connections, and services (firewalls, load balancers) as the original container in Data Center 1. Once created, we simply redirected external users to the SharePoint application running in Data Center 2, as described below. The redirection of users happened in less than one second, pretty amazing. A simple routing update delivered through service orchestration performed the redirection. In this step, user connections were broken and new connections were re-established to the already running SharePoint application in less than one second! A few highlights from our validated design are provided below.

Layer 2 Extensions allowed the preservation of IP Addressing for Apps and Services during migration. There is no need to “re-IP” your applications just because they’ve moved to a different city.

The complete Network Container including physical and virtual resources was moved with minimal disruption (sub-second) to users

Our Multi-site Cloud solution supports a typical application environment, including both physical and virtual resources, with scaling for large and small private clouds

We also support Cold workload moves of less critical workloads that don’t require these stringent stateful requirements.

For More Info:

We encourage you to follow my blog series and check out our new business continuity and workload mobility solution (VMDC DCI), which describes key business drivers, Cisco DCI innovations, and validated designs that our customers are deploying in their private clouds.

In my previous blog, we provided an overview of the critical use cases and innovations we included in our new Business Continuity and Workload Mobility Solution for Private Cloud. This blog highlights the critical trends and challenges driving new multi-site Cloud designs.

Two important trends are driving CTOs and CIOs to deploy new multi-site Cloud solutions that provide better Business Continuity, Workload Mobility, and Disaster Recovery.

More workloads are moving to the Private and Public Cloud versus the traditional data center

Cloud Data Centers have a higher density of workloads per server than traditional data centers due to increased virtualization.

This ever-increasing volume of Cloud hosted workloads is placing serious pressure on operations teams to manage larger scale data centers, and ensure that they keep these workloads up and running, avoiding costly downtime or a nightmare service outage. Many of the CTOs and CIOs we’ve worked with are re-assessing their Multi-site strategy to ensure they can answer some tough questions:

What are the common weak points of multi-site Cloud designs that could prevent us from achieving our Business Continuity goals for our critical apps? Can we avoid them?

How can we provide Workload Mobility between sites to provide a more agile Cloud environment?

In the event of site outage, can our Private Cloud reduce the time it takes to recover critical applications to a new site?

[WARNING: This blog post contains specifics on actual product features. Stop reading now if you prefer PowerPoint to Excel.]

“Enterprise class.” Sounds awesome. But does it have any meaning to your business?

It turns out that it does, but we need to dig into a real product example to make it clear. One shining example from Cisco is our leadership in Enterprise class (there’s that phrase again!) 3G/4G. Let’s use this example to highlight how our engineers create “Enterprise class” products by focusing on:

Importance of High Availability: If you are reading this blog, you likely own 2-5 Wi-Fi-capable devices: laptops, mobile phones, or tablets. From employees to students, from doctors to guests, the common theme is that everyone now uses wireless as a preferred mode of access.

Novelty bets are all the rage these days in gambling. Bookmakers are laying odds and allowing side bets on the minutiae of major events ranging from athletic contests to national elections to royal weddings. My favorite novelty bet from the 2011 Super Bowl: how long would Christina Aguilera hold the note “brave” at the end of the National Anthem? (It went nine seconds by my unofficial count. Feel free to time it yourself.)

Can we get the Data Center industry a piece of this action? Imagine the odds line for happenings in and around your server environment in the next six months:
